NIS (Network Information Service) is a distributed directory service protocol developed by Sun Microsystems for UNIX and UNIX-like systems. Its primary function is to centrally manage system configuration information across multiple hosts within a network, such as user accounts, passwords, hostnames, and groups, thereby simplifying system administration.
NIS adopts a master-slave architecture:
Master Server
Maintains the authoritative copy of all network information, usually sourced from system files such as /etc/passwd, /etc/group, and /etc/hosts.
Slave Server
Synchronizes data from the master server to provide redundancy, ensuring that network services can continue to operate even if the master server fails.
Client
Queries the NIS server for required information via RPC (Remote Procedure Call), such as authentication data during user login.
This centralized management approach allows system administrators to update data only on the master server, and all clients can automatically obtain the latest information, avoiding the tedious work of configuring each host individually.
NIS was originally called "Yellow Pages (YP)," but because "Yellow Pages" is a registered trademark of British Telecom in the UK, Sun Microsystems was forced to rename it to NIS. Many related commands and functions still retain the "yp" prefix, such as ypcat, ypmatch, and ypwhich.
Centralized Management
Unified management of user accounts, groups, hostnames, etc., simplifying system administration.
Consistency
Ensures all clients use the same configuration data, reducing errors and inconsistencies.
Scalability
Suitable for small to medium-sized network environments, capable of effectively managing tens to hundreds of hosts.
Although NIS was widely used in the past, its security and scalability have become insufficient as network environments have evolved:
Security Issues
NIS transmits data unencrypted, making it vulnerable to man-in-the-middle attacks or data theft.
Lack of Fine-grained Access Control
NIS cannot set different access permissions for different users.
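The following Python check, added here as an example and not part of the original page, parses an nsswitch.conf file and reports which name-service databases a client resolves through NIS, and therefore over unencrypted RPC. The sample file contents, the function names and the high/medium severity split are assumptions of this example.

```python
import re

# Assumption of this example: databases that carry account or group data are
# rated "high" when served over NIS; plain name lookups are rated "medium".
SENSITIVE = {"passwd", "shadow", "group", "netgroup"}

# Constructed sample of /etc/nsswitch.conf, not taken from a real host.
SAMPLE_NSSWITCH = """\
# /etc/nsswitch.conf (constructed sample)
passwd:     files nis
shadow:     files
group:      files nis [NOTFOUND=return]
hosts:      files dns nis
netgroup:   nis
services:   files   # local only
"""

def nis_backed_databases(text):
    """Return the NSS databases whose source list includes 'nis'."""
    found = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # strip comments
        if ":" not in line:
            continue
        database, sources = line.split(":", 1)
        # Remove [STATUS=action] criteria so only source names remain.
        sources = re.sub(r"\[[^\]]*\]", " ", sources)
        if "nis" in sources.lower().split():
            found.append(database.strip().lower())
    return found

def audit(text):
    """Return sorted (severity, database) tuples for a report."""
    return sorted(
        ("high" if db in SENSITIVE else "medium", db)
        for db in nis_backed_databases(text)
    )

if __name__ == "__main__":
    for severity, db in audit(SAMPLE_NSSWITCH):
        print(f"[{severity}] {db}: resolved via NIS (unencrypted RPC)")
```

On a real host, pass the contents of /etc/nsswitch.conf to `audit()` instead of the constructed sample.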